package com.wzxl.api;

import com.wzxl.bean.User;
import com.wzxl.config.shiro.MyAuthenticationToken;
import com.wzxl.utils.ConstantUtils;
import com.wzxl.utils.ShiroUtils;
import com.wzxl.utils.core.MediaTypes;
import com.wzxl.utils.mapper.JsonMapper;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.util.StringUtils;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;

/**
 * @author 马浩 mahao@aowlx.onaliyun.com
 * @Package com.wzxl.api
 * @Description: TODO (  )
 * @Date 2018/1/18 10:56
 * @Version V1.0
 */
@RestController
public class LoginController {

    @RequestMapping("/")
    public ModelAndView home() {
        return new ModelAndView("/console/login");
    }

    @RequestMapping(value = "/api/console/login", method = RequestMethod.GET, produces = MediaTypes.JSON_UTF_8)
    public ModelAndView loginForm() {
        SecurityUtils.getSubject().logout();
        return new ModelAndView("/console/login");
    }

    @RequestMapping(value = "/api/console/loginto", method = RequestMethod.POST, produces = MediaTypes.JSON_UTF_8)
    public ModelAndView loginPost(@Valid User account, BindingResult bindingResult, RedirectAttributes redirectAttributes, HttpServletRequest request) {
        if (bindingResult.hasErrors()) {
            return new ModelAndView("redirect:/api/console/login");
        }
        MyAuthenticationToken token = new MyAuthenticationToken(account.getUsername(), account.getPassword(), false, "", "", false);
        /**
         * 获取当前用户
         */
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(token);
        } catch (UnknownAccountException uae) {
            redirectAttributes.addFlashAttribute("message", "未知账户");
        } catch (IncorrectCredentialsException ice) {
            redirectAttributes.addFlashAttribute("message", "密码不正确");
        } catch (LockedAccountException lae) {
            redirectAttributes.addFlashAttribute("message", "账户已锁定");
        } catch (ExcessiveAttemptsException eae) {
            redirectAttributes.addFlashAttribute("message", "用户名或密码错误次数过多");
        } catch (AuthenticationException ae) {
            //通过处理Shiro的运行时AuthenticationException就可以控制用户登录失败或密码错误时的情景
            redirectAttributes.addFlashAttribute("message", "用户名或密码不正确");
        }
        //验证是否登录成功
        if (subject.isAuthenticated()) {
            User account1 = ShiroUtils.getUserInfo();
            Session session = SecurityUtils.getSubject().getSession();
            session.setAttribute(ConstantUtils.USER_SESSION, account1);
            request.getSession().setAttribute("mess", account1);
            System.out.println(request.getSession().getAttribute("mess"));
        } else {
            token.clear();
            return new ModelAndView("redirect:/api/console/login");
        }
        return new ModelAndView("redirect:/api/console/index");
    }

    @RequestMapping(value = "/api/console/logout", method = RequestMethod.GET)
    public ModelAndView logout(RedirectAttributes redirectAttributes) {
        SecurityUtils.getSubject().logout();
        redirectAttributes.addFlashAttribute("message", "您已安全退出");
        return new ModelAndView("redirect:/api/console/login");
    }

    @RequestMapping(value = "/api/console/index", method = RequestMethod.GET)
    public ModelAndView index(RedirectAttributes redirectAttributes) {
        return new ModelAndView("/console/index");
    }

    @RequestMapping(value = "/api/console/show", method = RequestMethod.GET)
    public String show(HttpServletRequest request){
        Object o = request.getSession().getAttribute("mess");
        if (StringUtils.isEmpty(o)){
            request.getSession().setAttribute("mess","success");
        }
        return new JsonMapper().toJson(request.getSession().getId());
    }
}
